Lucene search
K

6 matches found

Prion
Prion
added 2022/08/01 5:15 p.m.11 views

Cross site scripting

Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting XSS vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...

4.9CVSS5.2AI score0.00535EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2021/06/24 9:15 p.m.16 views

CVE-2021-32712

Shopware is an open source eCommerce platform. Versions prior to 5.6.10 are vulnerable to system information leakage in error handling. Users are recommend to update to version 5.6.10. You can get the update to 5.6.10 regularly via the Auto-Updater or directly via the download overview...

5.3CVSS0.01135EPSS
Exploits0References3
Prion
Prion
added 2021/06/24 9:15 p.m.13 views

Code injection

Shopware is an open source eCommerce platform. In versions prior to 6.4.1.1 the admin api has exposed some internal hidden fields when an association has been loaded with a to many reference. Users are recommend to update to version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the...

4CVSS5AI score0.01113EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2021/06/24 8:15 p.m.14 views

Code injection

Shopware is an open source eCommerce platform. Potential session hijacking of store customers in versions below 6.3.5.2. We recommend to update to the current version 6.3.5.2. You can get the update to 6.3.5.2 regularly via the Auto-Updater or directly via the download overview. For older version...

5CVSS7.5AI score0.00877EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/06/24 7:45 p.m.21 views

CVE-2021-32710 Potential Session Hijacking in Shopware

Shopware is an open source eCommerce platform. Potential session hijacking of store customers in versions below 6.3.5.2. We recommend to update to the current version 6.3.5.2. You can get the update to 6.3.5.2 regularly via the Auto-Updater or directly via the download overview. For older version...

5.9CVSS7.7AI score0.00877EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2020/10/19 9:34 p.m.30 views

Denial of Service via Cache Flooding

Impact Denial of Service via Cache Flooding Patches We recommend to update to the current version 6.3.2.1. You can get the update to 6.3.2.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6 Workarounds For older versions of 6.1...

2.7AI score
Exploits0References2Affected Software2
Rows per page
Query Builder